morkalork's comments

I'm 99% sure this is one of them. I thought 404media posted a leaked list of the platforms once but I can't find it. Search is dead (this is a general statement)

It's safe to assume any publicly accessible website is one of them or will be in the near future.

Right, this is more like Black Mirror S1E3 "The Entire History of You"

Honestly, there are companies that have lost the source code for some of their applications. Or, they depend on components from vendors that have long ceased to exist. I remember there being a lot of consternation around being able to compile and link against binary components that have just been around forever that could never be recompiled themselves. More people "Learning COBOL" was never going to be a solution to that ball and chain. And yeah, LLMs are good in the reverse engineering space too so maybe we'll finally see movement on that in the next decade.

You're probably right, no disagreement there. But in the context of my previous comment, the people that write COBOL today, I don't think there is a lot of work for them trying to reverse engineer native code back to COBOL because the source is lost. But you make a really good point: if AI can assist with lost code recovery, perhaps it will assist them in migrating away from it or getting rid of workarounds and complexities implemented to get that previously opaque binary's behavior.

It's, okay, we can just eat cake instead!

Is this cutting corners on manufacturing/assembly where they're skipping installing a unique set of keys on each device?

The vulnerability was in their backend cloud structure. The backend wasn't restricting access to only devices associated with your account.

> Out of sheer laziness, I connected to the Mysa MQTT server and subscribed to the match-everything wildcard topic, #. I was hoping I’d see messages from a few more MQTT topics, giving me more information about my Mysa devices.

> Instead, I started receiving a torrent of messages from every single Internet-connected production Mysa device in the whole world.

The devices had unique IDs, but they were all connected to one big MQTT pub/sub system that didn't even try to isolate anything.

It's lazy backend development. This happens often in IoT products where they hire some consultant or agency to develop a proof of concept, the agency makes a prototype without any security considerations, and then they call it done because it looks like it works. To an uninformed tester who only looks at the app it appears secure because they had to type in their password.
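The missing check described in this comment is per-owner topic authorization on the broker. The following is an added example, not code from the thread or from Mysa: a small authorization function of the kind a broker's auth plugin runs before honouring a SUBSCRIBE or PUBLISH, which refuses any filter that could match another owner's device, including the match-everything `#` subscription quoted above. The topic layout `mysa/<device_id>/...`, the ownership table and the principal shapes are constructed for illustration; the real Mysa topic scheme is not given in the thread.

```python
"""
Added example, not code from the thread or from Mysa: a per-owner
authorization check of the kind an MQTT broker's auth plugin runs before
honouring a SUBSCRIBE or PUBLISH. The topic layout "mysa/<device_id>/..."
and the ownership table below are constructed for illustration.
"""

TOPIC_PREFIX = "mysa"

# Constructed ownership table: account -> device IDs it may see.
OWNERS = {
    "alice": {"dev-0001", "dev-0002"},
    "bob": {"dev-0003"},
}


def scoped_device_id(topic_filter):
    """Return the device ID a filter is confined to, or None if the filter
    could match topics outside a single device's subtree (or is malformed)."""
    parts = topic_filter.split("/")
    # "#" is only legal as the final segment; anywhere else the filter is invalid.
    if "#" in parts[:-1]:
        return None
    # The root segment must be the literal prefix: a "+" or "#" here (a bare
    # "#" is what the wildcard-everything subscription parses to) would reach
    # every owner's devices as well as the broker's $SYS topics.
    if len(parts) < 2 or parts[0] != TOPIC_PREFIX:
        return None
    device_id = parts[1]
    # The device segment must be a concrete ID, never a wildcard or empty.
    if device_id in ("+", "#") or not device_id:
        return None
    return device_id


def authorize(principal, topic_filter):
    """principal is ("user", account) or ("device", device_id).
    Returns True only if every topic the filter can match belongs to it."""
    device_id = scoped_device_id(topic_filter)
    if device_id is None:
        return False
    kind, name = principal
    if kind == "device":
        # A device authenticated by its own certificate may only touch itself.
        return device_id == name
    if kind == "user":
        return device_id in OWNERS.get(name, set())
    return False


def filter_subscriptions(principal, filters):
    """Apply authorize() to a SUBSCRIBE packet's filter list, returning the
    (filter, allowed) decisions so the broker can send per-filter SUBACK codes."""
    return [(f, authorize(principal, f)) for f in filters]


if __name__ == "__main__":
    for principal, flt in [
        (("user", "alice"), "#"),
        (("user", "alice"), "mysa/+/status"),
        (("user", "alice"), "mysa/dev-0001/#"),
        (("user", "alice"), "mysa/dev-0003/status"),
        (("device", "dev-0003"), "mysa/dev-0003/command"),
        (("device", "dev-0003"), "mysa/dev-0001/command"),
    ]:
        verdict = "allow" if authorize(principal, flt) else "deny"
        print(f"{principal!s:>22} {flt:<24} -> {verdict}")
```

The same function serves PUBLISH, where MQTT forbids wildcards in the topic name anyway, so a device with a valid certificate still cannot publish into another device's command topic. The design point is that the check is keyed on the authenticated identity the broker already has (the mTLS certificate or the app login), not on anything the client puts in the packet.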


> The vulnerability was in their backend cloud structure.

The vulnerability is in having a backend cloud structure.

(There are plenty of ways to provide remote access without that, and no other feature warrants it.)


Not sure why this is being downvoted, it's a pervasive flaw across all these IoT products. See my description elsewhere here about how Haier "smart" controls work. It's completely insane, and pointless. For systems that can't fail--I include heating systems in the winter--this kind of "move fast and break shit" way of doing it is malpractice. The last thing in the entire world I want my furnace controls doing is an automatic OTA firmware update. Ever.

Exactly. I want a "smart thermostat" that's entirely under my control, not the manufacturer's.

And the manufacturer wants something that's under their control, not yours.

Then the manufacturer can buy their product because I won't.

But then you would have to configure something on your router and have dynamic dns for remote access and that’s too hard.

Sell an additional $200 box containing a Raspberry Pi with Home Assistant on it and a cheap capacitive touchscreen and pre-configure it with Tailscale. Would be reasonably consumer-friendly. Give it a fancy name and start slapping "{$HOME_ASSISTANT} Compatible" branding logos on partners' boxes.

If it's not quite as consumer-friendly as you want it to be, contribute your engineering hours to the Home Assistant product until it is.

Bonus points for giving it 25-250W audio output to power speakers and letting you pair them together to play music in sync across different rooms of your house connected to speakers of your choice.


Market size: approximately zero.

The number of people who 1) really want local-only control and 2) can deal with Home Assistant and Tailscale but 3) don't actually have the skill set to put together a Raspberry Pi or other small Linux box and set up HA and TS themselves is tiny.

The cloud systems are insecure and invasive, but it's really hard to get Normal People to understand why it's a problem. "So someone can tell if I'm not home; so what? I live in a gated community, they can't just drive in at night and burgle the house." They're not entirely wrong about that; it is unlikely. The hard push for subscription services by these companies has turned out to be the best way to push people into locally hosted alternatives, because they don't want to pay for another service, but the usual approach is just to do without the service when they realize that the "smart" functions are not that useful. Most people don't have the free time, knowledge, or inclination to set up and maintain Home Assistant. They can appreciate it when they see it done well, but they aren't going to pay for a professional installation and maintenance and they aren't able to do it themselves.


I see no reason why a fork of Home Assistant couldn’t be as user friendly as a Google Home though

Agreed, and with open, auditable design it's far more trustworthy. So you can satisfy both the paranoid tech nerds (guilty as charged) and the folks who just want to get it running with the least amount of effort, who are safer--whether they know it or not--because it's audited.

> The cloud systems are insecure and invasive, but it's really hard to get Normal People to understand why it's a problem.

In the case of HVAC systems the danger is a collective one not individual. Sure if someone really wanted to they could watch you and wait until you're not home then turn your heat off and freeze your pipes. But they're not gonna do that, probably. Instead the kind of havoc they'll wreak with this access is to wait until some off-peak time and instantaneously fire up all the AC units and shut them down simultaneously, repeatedly, causing a huge demand spike. If supply doesn't ramp up fast enough then frequency will drop and then the grid will start trimming off branches to self-correct (or something like that? I'm not a power grid expert someone correct me) and you basically have chaos.

So you don't need to get individuals to care about it, and there's some argument to be made that they shouldn't, or at least shouldn't have to. But the power company damn well should, and governments damn well should.

https://snowpatch.org/posts/i-can-completely-control-your-sm...

EDIT: the major issue here is the people who are affected by a vulnerability like that aren't the people who purchased and installed the attack vector. They're everyone on the same power distribution network. So it's not like "oh well, they did a dumb thing and trusted a tech company" it's far bigger than that.


I'm hoping that things like Matter and Thread will help with this, but in the meantime, I have no problem with "optional remote-access service that you don't have to use and have to explicitly enable, or you can use it entirely locally".

I already have homeassistant configured for that. Why would I want a shitty vendor-provided version of it in the cloud?

In that case you would just simply not buy their box and hook up the device to yours. That's the beauty of open interfaces.

Quite ironically, they do install a unique TLS cert and key on each thermostat, although it's done on first-wifi-connection of each thermostat, rather than pre-installed at the factory.

And then the thermostat uses those keys to mutually authenticate itself with the MQTT server. It actually makes it quite tedious (not impossible :-D) to 2-way-MITM the device's connection to the server.

It's just that, as @Aurornis wrote, the MQTT server itself did not have any checks to prevent sending and receiving messages to other owners' thermostats. ¯\_(ツ)_/¯

[ I've actually discovered a whole lot more details about the Mysa thermostats than what I published. Many of them can be used to subvert and reconfigure the devices in interesting ways, but only with a witting/willing device owner who has local access. So I don't feel any obligation to disclose them, although I might eventually get around to building a de-cloud-ifying tool using them: https://github.com/dlenski/mysotherm/blob/main/README.md#fut... ]


I think it's about being a configuration management nightmare. If every device has a unique password, you need the decoder ring for serial number to password. However, not all processors have unique IDs. So you either need to find a way to reliably serialize each board during manufacturing and hope it stays (like a sticker/laser/printer/etc) or add a serial number chip which is cost and complexity. It's not impossible, it's just extra work that usually goes unrewarded.

I'm a long way from embedded development. But I was under the impression a lot of microcontrollers these days have some ID capability built in, even some relatively low-end ones. This strikes me more as laziness than anything.

This is true; for example, many STM32 series have a 96-bit unique ID which is derived from the lot number, wafer ID and position [1]. Even the low-cost STM32G0B1 series I am using has them, but they are missing from some older series.

[1] https://community.st.com/t5/stm32-mcus/how-to-obtain-and-use...


Moreover, on any device that is connected to the Internet you already have a unique MAC address on its Ethernet or WiFi interface.

You can hash this unique MAC address, together with other data that may be shared with the other devices of the same kind, to generate unique keys or other kinds of credentials.
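As an added example of the scheme this comment suggests (not code from the thread or from any vendor), the block below derives a per-device key from the interface MAC plus a fleet-wide secret and uses that key in a challenge-response login, so the backend never stores per-device keys. The fleet secret, the MAC addresses and the purpose labels are constructed placeholders.

```python
"""
Added example, not code from the thread or from any vendor: deriving a
per-device key from the device's MAC address plus fleet-wide data, and
using it in a challenge-response login. FLEET_SECRET is a constructed
placeholder, not a real key.
"""
import hashlib
import hmac
import secrets

# Constructed placeholder: data shared by every device of this model and
# known to the backend. If it is baked into firmware, extracting it from any
# one unit yields every device's key (see the note after the block).
FLEET_SECRET = b"example-fleet-secret-placeholder-not-a-real-key"


def canonical_mac(mac):
    """Reduce 'AA:BB:CC:DD:EE:FF', 'aa-bb-cc-dd-ee-ff' or 'aabb.ccdd.eeff' to
    the same 6 raw bytes, so formatting differences cannot yield different keys."""
    hexdigits = "".join(ch for ch in mac.strip() if ch not in ":-.")
    if len(hexdigits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(hexdigits)  # raises ValueError on non-hex input


def derive_device_key(fleet_secret, mac, purpose=b"device-auth-key"):
    """HMAC-SHA256 as a key-derivation PRF: the purpose label keeps keys for
    different uses (auth, encryption, ...) independent even for one MAC."""
    material = purpose + b"\x00" + canonical_mac(mac)
    return hmac.new(fleet_secret, material, hashlib.sha256).digest()


def backend_issue_challenge():
    """Fresh random nonce per login, so a captured response cannot be replayed."""
    return secrets.token_bytes(16)


def device_respond(device_key, challenge):
    """The device proves possession of its key by MACing the backend's nonce."""
    return hmac.new(device_key, b"auth-response" + challenge, hashlib.sha256).digest()


def backend_verify(fleet_secret, claimed_mac, challenge, response):
    """The backend stores no per-device key: it re-derives it from the claimed
    MAC and compares the expected response in constant time."""
    expected = device_respond(derive_device_key(fleet_secret, claimed_mac), challenge)
    return hmac.compare_digest(expected, response)


def run_exchange(device_mac, claimed_mac=None, tamper=False):
    """Run one login. claimed_mac lets the device present a different identity
    than the one its key was derived for; tamper corrupts the response."""
    claimed_mac = claimed_mac or device_mac
    device_key = derive_device_key(FLEET_SECRET, device_mac)  # provisioned on the device
    challenge = backend_issue_challenge()
    response = device_respond(device_key, challenge)
    if tamper:
        response = bytes(b ^ 0xFF for b in response)
    return backend_verify(FLEET_SECRET, claimed_mac, challenge, response)


if __name__ == "__main__":
    mac = "aa:bb:cc:dd:ee:ff"  # constructed sample address
    print("genuine device:", run_exchange(mac))
    print("device claiming another MAC:", run_exchange(mac, claimed_mac="aa:bb:cc:dd:ee:fe"))
    print("corrupted response:", run_exchange(mac, tamper=True))
```

Because a MAC address is public, all of the security rests on the fleet secret. Keeping that secret on the backend only and using it to mint a per-device secret at first connection (the approach a later comment in this thread describes for Mysa's per-thermostat TLS certificates) means that extracting one unit's credentials does not yield the whole fleet's.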


Surprisingly it's not everywhere. I'm very much in embedded development and cannot count the number of times I have looked for "unique", "id", etc. in a reference manual and come up short. It's certainly more common than not, but you often have to design systems for the lowest common denominator.

> It's not impossible, it's just extra work that usually goes unrewarded.

That sounds like profit motivated negligence, and it sounds like a standard justification for why Europe is going to hold companies liable.


We will all owe the EU a massive debt of gratitude. Hopefully USB C was just the tip of the iceberg.

It is indeed. And that sucks but that's what it is. Product design is about calculated risks and trades. It's a good thing regulators are here to help because companies won't do it on their own and the general public doesn't care enough.

I have no knowledge of this kind of software dev/hw production, so can you please explain why the units can't just be born with a default password and then have the setup process (which is always there) force the owner to set a new password?

Knowledge or not, this..

> It's not impossible, it's just extra work that usually goes unrewarded.

.. is just not an acceptable way for business to think and operate in 2026, especially not when it comes to internet connected video enabled devices


I'll answer your question with a question: how often do you see people complaining about needing setup processes vs the old way of just plug and play? There's no perfect answer that placates all sides. Things can certainly be better, but when those people win and you no longer need to have a setup process, then what?

While true that in $current_year it would be nice if things were more secure, the sad truth is that most people don't care.


I agree that yes most just want PnP and basically don't care about security. But it seemed on the posts above that there was an engineering complexity, and a robot vacuum needs local WiFi, so there will be a setup flow. What's preventing a password selection just being part of that?

> a robot vacuum needs local WiFi

No, it doesn't. Unless it's supposed to spy on you (or "harvest training data") there's no reason it needs to phone home at all (c.f. Roombas).


Well it needs to talk to either a web frontend (internet) or app (bluetooth or wifi). If you're worried about it spying, well, the app could always relay data for it.

Anyway regardless of wifi, bluetooth, or something else there will be a setup process.


You're begging the question. Why does it need to talk to a web front end or app? Why does any appliance need this? (I know they all claim to need it, but it isn't at all clear why this (supposedly) needs to be the case.)

For that matter, I'm unclear why there needs to be a setup process. I understand that this may be key to the vendor's business model, but that's their need, not something the products needs, and certainly nothing I need.


I'm not begging the question although I am implicitly assuming that the vast majority of consumers will want to control a robot vacuum via their phone. I suppose including a touchscreen on the unit itself is not entirely unreasonable but I expect that would be an uphill battle for various disparate reasons (expense, durability, and ease of use at minimum).

Once you introduce control via phone the most straightforward approach is either wifi or bluetooth which requires a setup process.


I am shocked really, I think this is actual law in China.

This is just people working 24/7 for 50 dollars a month? Because we want cheap shit

From the outside, it looks like the US's society and culture fosters an unusually large criminal class compared to other western countries? If people had access to education, healthcare, jobs that aren't shipped overseas, minimum wage that wasn't laughable, etc, there wouldn't be so many problems? Arguing over severity of punishment while ignoring systemic issues is silly.

Non-developed countries do not have functional law enforcement and they are highly corrupt, so any statistics outside of developed countries should be ignored.

For developed countries, none but America have such high levels of immigration nor the racial diversity America has. It is much easier to convince society to promote high-trust empathetic solutions when society is racially homogenous and shares cultural background. It’s impossible to compare America to any European country, although soon it may be possible if immigration continues


How are you measuring that? There are plenty of developed countries with a higher immigrant share like Switzerland and Australia. If you're talking about visible minorities then Canada has a higher proportion of the population.

Hoarder tendencies and familial history of poverty are another. Epigenetics is wild

Epigenetic inheritance of traits like that in humans is very much on the theoretical side of the spectrum right now.

However plain old genetic inheritance can and does influence behavioral traits. As do learned behaviors passed down from parent to child through child raising.


Aw shucks, I guess we'll have to wait another year to find out won't we?

In a sense this is the correct level of punishment for all. The courts are slow and deliberative.

The Congress could solve this in a week. Impeachment and removal from office.


You are correct. My country does not have a similar separation of powers to the US. I do not understand why Americans have a hard time realizing this: the President and other elected officials work for YOU. They literally run for office to get the position, and they get voted in. Why would someone let an elected official enrich themselves and their friends with your money? Why would the legislative branch allow that?

A populace with a functioning representative democracy deserves its leaders.


There is no mechanism for citizens of the United States to recall a president or member of congress. They must wait 2, 4, and 6 years depending on who they'd like to replace. This contributes to the current woes, as many members of congress and some presidents (like this one) would certainly undergo recall battles or be immediately recalled. Since we can't though, and elections in this country are a 12-16 month barrage of lies, propaganda and ads, by the time voting does come around people just check whichever box matches their team, zero thought given, and are thankful the whole mess is over with so they can mostly ignore politics until it's time to start complaining again about how poorly they're represented. Repeat.

Another issue is that you actually need a lot of money to meaningfully run for most federal office roles, so that's one filter which promotes rich guys who don't care about doing the job well.

To put it another way, I have not participated in a federal election where I was excited about my options, ever. I have always been triage voting in federal elections ever since I was old enough to vote.

So yes, we do vote for our clowns, but only because we're not given any decent options to vote for.

Fortunately, the US giving a lot of power to states means that our more local elections are a lot more interesting to participate in and at least in my state, I have several decent options to vote in people who will make a real difference.


> "Why would someone let an elected official enrich themselves and their friends with your money? Why would the legislative branch allow that?"

"Let" is a heavily loaded term here. The most an individual can reasonably do is cast their single vote in an election year. I could attempt to bring a lawsuit against a politician, but it would almost certainly be thrown out due to a lack of standing. Activism is certainly an option, but that is really just an effort to convince others to cast their single vote differently. Outside of those options, one would have to break some laws.


About 30% of our electorate consists of so-called "deplorables" who are geographically distributed in a way that gives them outsized influence. The deplorables were happy to set aside their own best interests at the voting booth because Trump promised to hurt other people more.

Promises were made, and as far as the deplorables are concerned, promises were kept. They continue to approve of his actions wholeheartedly.

There is probably no way back for us, unfortunately. Please keep in mind that a healthy majority of American voters either voted against Trump or chose to sit out the election. We are largely powerless, though, due to system-level weaknesses that have been present since the nation's founding but couldn't effectively be exploited until recently.


>Why would someone let an elected official enrich themselves and their friends with your money? Why would the legislative branch allow that?

Republicans in Congress were elected expressly to allow Trump to do as he wishes.

>A populace with a functioning representative democracy deserves its leaders.

Yes. Despite Trump himself being a fascist, the government continues to operate as a representative democracy. Most Congresscritters have their thumbs up their asses waiting for things to get much worse, which mirrors the vast majority of voters.

Is it national apathy? Decadence? Addiction to the drama, anger and depravity of Trump TV?

Elect an abuser, get abused. Is this surprising?


Unfortunately there's still two things bringing me back to Facebook: Marketplace and the neighbourhood group (populated by mostly boomers)

Corporate doesn't care about morale, they want to stay as far away as possible from testing the limits of good samaritan laws at best, or directing unqualified employees to provide healthcare at worst.
